cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
11820
Views
4
Helpful
2
Replies

SNMP trap community string usage

Hi,

this may seem like a silly question but I really cant get round to understanding why it is so.

when a cisco box is configured to send traps, a community string is also required.

however as far as i can understand the receving management station does not use the community string.

So what is the point of using a community string when sending a trap ?

What is considered best practise for this config ? Using a community string that has no real meaning (ie not the same for snmpget access) ? or other ?

thanks

Mark

2 Replies 2

Joe Clarke
Cisco Employee
Cisco Employee

This sounds like an issue with your trap manager. Most trap managers I know DO make use of the community string in the trap to decide whether or not to process the trap. Think of an attacker flooding your manager with bogus traps. If there was no filtering on the community string, your console could fill with "noise," and you may miss some real events.

The best practice is to use a hard-to-guess string which is different than your polling community strings.

thanks - i'll check my trap manager, and sort out my configs as you recommend.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: